Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

What do these errors mean on Cisco 837 router?

As radom times of the day I get these errors set to our syslog server for one of our Cisco 837 routers, what do they mean and are they a problem?

Error 1 -

2/27/2006 9:29 AM : CRYPTO-4-PKT_REPLAY_ERR 51: Feb 27 09:27:16.941 UTC: %CRYPTO-4-PKT_REPLAY_ERR: decrypt: replay check failed

Error 2 -

2/27/2006 9:16 AM : 50: connection id=13422064

Error 3 -

2/27/2006 9:13 AM : CRYPTO-4-RECVD_PKT_MAC_ERR 48: Feb 27 09:11:22.163 UTC: %CRYPTO-4-RECVD_PKT_MAC_ERR: decrypt: mac verify failed for connection id=134220646

Error 4 -

2/27/2006 8:57 AM : FW-3-HTTP_JAVA_BLOCK 42: Feb 27 08:55:57.608 UTC: %FW-3-HTTP_JAVA_BLOCK: JAVA applet is blocked from (209.61.212.159:80) to (192.168.1.25:1278).

1 REPLY

Re: What do these errors mean on Cisco 837 router?

Hi

1.Do find the link which talks about resizing the window size due to which u are getting the first error.

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455ad4.html

Also find the details about the other logs as well as the recommended action..

2.%CRYPTO-4-RECVD_PKT_MAC_ERR: decrypt: mac verify failed for connection id=[dec]

The MAC verify processing failed. This might be caused by the use of the wrong key by either party during the MAC calculations.

This activity could be considered a hostile event

Recommended Action: Contact the peer administrator

3.%FW-3-HTTP_JAVA_BLOCK: JAVA applet is blocked from ([IP_address]:[dec]) to ([IP_address]:[dec]).

A Java applet was seen in the HTTP channel, and the firewall configuration indicates that the applet from this Web site should be prohibited. The message indicates that the applet is being downloaded from one of the prohibited sites, and its entrance to the protected network is not allowed. The connection is reset, and the transmission of the detected applet is aborted immediately.

Recommended Action: This message is for informational purposes only, but it may indicate a security problem.

regds

316
Views
4
Helpful
1
Replies